Making kwallet more secure

nf2 nf2 at
Sat Aug 23 12:26:20 BST 2008

Michael Leupold wrote:
> - Make kwallet use p2p d-bus. Actually I'm not sure if that would work because 
> I couldn't find enough information about that matter. If I create a new bus 
> bypassing the daemon, couldn't other processes still connect to it as well?

Well - i think p2p d-bus doesn't really have a "bus". It's just a socket 
connections talking the d-bus protocol. So nobody else can eavesdrop them.

I think you would need to create a DBusServer:


And once a client connects call


and look up the absolute path of the calling application to store in the 
ACL (or to show in the dialog) using something like the code in

--> gkr_daemon_client_set_current()

because this doesn't work on non-unix platforms, the client should 
probably always send its path but with daemon-side validation only 
enabled on unixes.


More information about the kde-core-devel mailing list